TrustArc Cookie Consent Manager Watch Video Address cookie consent requirements. Cookies help your customers have a more enjoyable experience by helping them do everything from remembering passwords to suggesting products they may enjoy. Cookies also help companies with website analysis and managing behavioral advertising programs. However, laws such as GDPR, CCPA, ePrivacy and other forthcoming legislation have specific requirements around how companies may use cookies. Learn More Determining which laws apply, and how to comply with them is just part of the challenge. Keeping records and an audit trail, and being able to demonstrate compliance add to the complexity. TrustArc Cookie Consent Manager TrustArc has been a leader and innovator in the consent industry since 2012. Our solution is trusted by companies of all sizes, from the Fortune 100 to small and mid-sized businesses. Whether you’re meeting GDPR, CCPA, or ePrivacy requirements, TrustArc Cookie Consent has you covered. Cookie Consent Manager provides a powerful, flexible, proven solution to address cookie compliance, including support for visual customization and branding, implementation through a single script, integration with tag management systems for zero cookie load, audit trails and global implementation through dynamic language detection. Your team can easily implement the solution, which can seamlessly integrate with your brand experience, while obtaining the consent required for geographic-specific requirements. TrustArc can also plan, implement, and manage your ongoing cookie consent solution for you. Cookie Consent Manager Features Tracker and Cookie Scanning Detect a broad range of tracking technologies, including JavaScript tags, web beacons, local storage objects, cookies and much more. Scan results will trigger automatic updates to Cookie Consent Manager. Visual Customization and Branding Custom tailor the cookie consent user experience to align with your corporate branding. Select colors, fonts, and logos to maintain your site’s look and feel. Cross-Domain Cookie Consent Apply the consent of users from one website to another - across subsidiaries, brands or affiliates. This feature can improve the user's experience by not requiring them to consent multiple times as they navigate across your websites. Reverse IP Country Lookup Identify the country of each site visitor, allowing you to match the delivery of the cookie consent notice to the specific regulatory requirements for each site visitor. Dynamic Browser Language Detection Dynamic language detection, which means one tag detects the correct browser language and displays the appropriate language for the user for the best user experience. Clients can support multiple languages through a single tag deployment rather than deploying one tag per language. GDPR Compliance Reports Provides a compliance audit trail and report detailing a data subject's cookie consent, time of consent and other metadata in compliance with GDPR Article 7(1), should a regulatory authority or a user require proof. Integration with Tag Management Systems Integrate with tag management systems by Adobe, Tealium, Signal, Ensighten, Google and others to support the strictest level of cookie consent — a "zero-cookie load". This means that you will be able to suspend cookies and other personal data processing actions from loading onto your site prior to obtaining the data subject's consent. IAB EU Framework Support Option to support the IAB EU Transparency Consent Framework. Easy implementation for both new and existing customers. Managed Services TrustArc can also manage your cookie consent solution for you. TrustArc Direct Marketing Consent Manager TrustArc also offers a solution to support compliance with GDPR consent requirements for activities such as promoting products and services, surveys, newsletter subscriptions and other marketing activities directed at data subjects. For more information, click here. Privacy Dashboard Monitor the status of privacy KPIs along with regulatory updates with the centralized, configurable dashboard. TrustArc Platform Data Flow Manager is part of the TrustArc Platform which provides capabilities to manage all phases of privacy compliance. For more information, click here. Cookie Consent Guide: Frequently Asked Questions Below are answers to some of the most popular cookie consent questions that we’ve received from customers. What is cookie consent? ➤ Cookie Consent is designed to provide website visitors with choice and control over their consent to use cookies and other tracking technologies when visiting websites. The capability is delivered using cookie consent code, and is required as part of compliance with the ePrivacy directive, GDPR, and the forthcoming ePrivacy Regulation. What is a cookie consent banner? The cookie consent banner (aka cookie consent bar or cookie popup) appears at the top of a website and notifies visitors, via a cookie consent message, about the use of cookies. What is a GDPR compliant cookie consent solution? In order to be compliant with GDPR (aka cookie consent DSGVO), a website should: Inform the user how their personal data is being used prior to storing it on the device (by displaying cookie consent text). Enable consent to use cookies via an explicit affirmative action. Be able to prove that consent has occurred. Provide a means for the withdrawal of consent and guarantee via prior blocking that no tracking is performed before consent is obtained. State the category of each cookie on the website. Do I need a GDPR compliant cookie consent solution if I only use Google analytics on my website? Per the Google Analytics support website, “When using Google Analytics Advertising Features, you must also comply with the European Union User Consent Policy.” If you have enabled Advertising features in Google Analytics, then consent from the EU citizen is a requirement. What is the GDPR? ➤ The General Data Protection Regulation (EU) 2016/679 ("GDPR") is a European Union (EU) law the deals with data protection and privacy for all individuals within the European Union. It also addresses the export of personal data outside the EU. How does the GDPR define personal data? General Data Protection Regulation (GDPR) is designed to protect “natural persons” visiting websites “with regard to the processing of personal data and on the free movement of such data.” The GDPR has significantly broadened the concept of “personal data” for privacy purposes, including technical identifiers, location data, IP address, photos and other information that directly or indirectly can identify a distinct person, regardless of context. What does the GDPR say about cookies and online tracking? Per GDPR, the setting of tracking cookies can only occur once the user has provided their consent. What does the GDPR say about cookies opt in and opt out? GDPR Article 4(11) is clear about for opt-in consent. Specifically, it states:"any freely given, specific, informed and unambiguous indication of his or her wishes by which the data subject, either by a statement or by a clear affirmative action, signifies agreement to personal data relating to them being processed; …Silence, pre-ticked boxes or inactivity should therefore not constitute consent." Opt-out is implied in the regulation. If the user does not explicitly opt in, they are opting out. What is a GDPR compliant cookie policy? In order to be compliant with GDPR, a website should: Inform the user how their personal data is being used prior to storing it on the device. Enable consent to use cookies via an explicit affirmative action. Be able to prove that consent has occurred Provide a means for the withdrawal of consent and guarantee via prior blocking that no tracking is performed before consent is obtained. State the category and purpose of each cookie on the website. What is the ePrivacy regulation? ➤ Regulation on Privacy and Electronic Communications ("ePrivacy Regulation") has been proposed by the European Commission to replace the current ePrivacy Directive. The new ePrivacy Regulation would be effective in all EU Member States upon finalization and will not require separate implementing legislation by each EU member state. It is anticipated that the ePrivacy Regulation may come into effect in 2019. What is the difference between the ePrivacy Regulation and the GDPR? ePrivacy Regulation will apply to any entity that processes electronic communications data and any provider of electronic communications services ("ECS"). "Electronic communications data" includes information concerning the end-user processed for the purpose of transmitting, distributing, or enabling the exchange of content, as well as information regarding content transmitted or exchanged. ECS would include email, internet access services, SMS, VoIP, Internet of Things devices and public and semi-private Wi-Fi “hotspots”, among other things. ePrivacy differs from GDPR in the following ways: Specifically focused on electronic communications While the GDPR is the general regulation for personal data stored or used by a company, ePrivacy is a law specifically governing electronic communications. So, when a data privacy issue is raised regarding communications, ePrivacy will be used by regulators for enforcement. The two laws are meant to complement one another. Includes non-personal data GDPR is entirely-focused on the protection of personal data. The ePrivacy regulation is more expansive in its definition of data protection as it is focused more broadly on the confidentiality of communications, "which may also contain non-personal data and data related to a legal person," the proposal states. Derived from different areas of EU law The GDPR is based on Article 8 of the European Charter of Human Rights which says: "Everyone has the right to respect for his private and family life, his home and his correspondence" - i.e., a data subject has rights and is informed about what processing is being carried out on his or her personal data. ePrivacy reflects Article 7 of the Charter of Fundamental Rights, which states: "Everyone has the right to respect for his or her private and family life, home and communications." - i.e., the data subject is aware of and can make choices in the context of communications that impact him or her. Also, the user may be either an individual or legal entity (vs. an individual-only with GDPR). What is the ePrivacy directive? ➤ The ePrivacy Directive (aka the EU Cookie Law) was issued in 2002, and concerned the processing of personal data and the protection of privacy in the electronic communications sector. What is the difference between the ePrivacy regulation and the ePrivacy directive? Regulation on Privacy and Electronic Communications ("ePrivacy Regulation") has been proposed by the European Commission to replace the current ePrivacy Directive. The new ePrivacy Regulation would be effective in all EU Member States upon finalization and will not require separate implementing legislation by each EU member state, as was the case with the ePrivacy Directive. Put another way, regulations are legally binding across the EU and directives are designed to be incorporated into individual country’s laws, leaving open the possibility for different interpretations of the directive. It is anticipated that the ePrivacy Regulation may come into effect in 2019. What is the EU cookie law? ➤ The "EU Cookie Law" is another name for EU Directive 2009/136/EC. In it, the European Parliament mandated that all countries within the EU need to establish laws requiring websites to obtain informed consent before they can store or retrieve information on a visitor's device. Learn how TrustArc Cookie Consent Manager can help manage GDPR compliance. Schedule a Demo Resources × This video is unavailable due to your cookie preference setting. To view the video: (1) Click the ‘Cookie Preferences’ button in the bottom right; (2) Change the ‘Functional Cookies’ setting to ‘Yes’; (3) Refresh the page.
English English
Deutsch
Español
Français
Italiano
Nederlands